cybersecurity

Cyber-attack defense: CIS Benchmarks + CDM + MITRE ATT&CK
Victims lost $6.9 billion to cybercrime in 2021, according to FBI’s Internet Crime Complaint Center. To take a bite out of that number, the Center for Internet Security …

Do you need cyber asset attack surface management (CAASM)?
In this video for Help Net Security, James Mignacca, CEO at Cavelo, talks about cyber asset attack surface management (CAASM), which Gartner recently identified as an emerging …

Principles for Kubernetes security and good hygiene
Traditional methods of software security are not a good fit for Kubernetes: a renewed set of security implementations are required to make it less vulnerable. What’s …

How to avoid compliance leader burnout
There has been a lot of talk about the sharp increase in workplace burnout. The WHO defines burnout as a syndrome resulting from chronic workplace stress that has not been …

Is cybersecurity talent shortage a myth?
In this interview for Help Net Security, Ricardo Villadiego, CEO at Lumu, explains why he thinks the cybersecurity talent shortage is a myth and how organizations can overcome …

Medical device cybersecurity: What to expect in 2022?
Cybellum released a survey report about medical device cybersecurity, along with trends and predictions for 2022. Medical device cybersecurity has become an extremely complex …

41% of businesses had an API security incident last year
In the wake of the digital transformation wave, web application program interfaces (APIs) have experienced exponential growth as the rise of integrated web and mobile-based …

The Great Resignation meets the Great Exfiltration: How to securely offboard security personnel
“The Great Resignation” is a phenomenon that has greatly impacted how we work. As of August 2021, 65% of people in the United States were looking for a new job and 25% of them …

The state of open-source software supply chain security in 2022
In this video for Help Net Security, Donald Fischer, CEO at Tidelift, talks about the state of open-source software supply chain security in 2022. Open source is the modern …

Slow deployment is hampering fraud prevention. What gives?
In May, Okta finalized its acquisition of Auth0 for $6.5 billion. Every company loves to add a shiny new toy to its arsenal, but this move sent a clear message to enterprise …

Strengthening the ability of public companies to combat cybersecurity threats
The National Association of Corporate Directors (NACD), SecurityScorecard and the Cyber Threat Alliance released a report that examines the U.S. Securities and Exchange …

60% of BYOD companies face serious security risks
When employees began bringing shiny, new smartphones into the office in the late 2000s, many business and IT leaders spotted an opportunity. They recognized the …
Featured news
Resources
Don't miss
- PoC exploit for SysAid pre-auth RCE released, upgrade quickly!
- Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)
- Digital welfare fraud: ALTSRUS syndicate exploits the financially vulnerable
- Rethinking AppSec: How DevOps, containers, and serverless are changing the rules
- Autorize: Burp Suite extension for automatic authorization enforcement detection